package com.xy.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.jasig.cas.client.validation.Assertion;

/** 
 * 自动根据单点登录系统的信息设置本系统的用户信息 
 *  
 * @author 
 * */
public class AutoSetUserAdapterFilter implements Filter {

	public void destroy() {

	}

	public void doFilter(ServletRequest request, ServletResponse respone,
			FilterChain chain) throws IOException, ServletException {
		HttpServletRequest httpRequest = (HttpServletRequest) request;                                    
		// _const_cas_assertion_是CAS中存放登录用户名的session标志                  
		Object object = httpRequest.getSession().getAttribute("_const_cas_assertion_");  
		System.out.println(object.toString());
		 if (object != null) { 
			 Assertion assertion = (Assertion) object;                          
			 String loginName = assertion.getPrincipal().getName();  
			 HttpSession session = httpRequest.getSession();
			 System.out.println("loginName->" + loginName + "，session->" + session.getCreationTime());
			 if(!"xiaoyu".equals(loginName)) {
				 session.invalidate();
			 }
		 }
		 chain.doFilter(request, respone);
	}

	public void init(FilterConfig arg0) throws ServletException {

	}
}
